General
-
Target
cd3f88a43b2764c4896ab8f879fb2c10
-
Size
653KB
-
Sample
240316-gb6hfaeh59
-
MD5
cd3f88a43b2764c4896ab8f879fb2c10
-
SHA1
bb85a6645a908be90ff4015e069904194cb282cf
-
SHA256
0a7f5f666fb7a1cdda25353191ddaced97674f596af7230d58af2ee14ea14819
-
SHA512
9f9987b804d0e8cff9c383651fd0b88d98ca21e3f318643b0afc9c05d352f66a9a7baa048644ab89e9bfee94e92e90fa433f3fb4b99e70d5c457eb9052bdd1f1
-
SSDEEP
6144:LQBD8ozQzHR21FJLgGz0kUTVvSERat1Hin2n+jX/oKrcqIyfm/a7bB3+Xv:LQBD8DWsvS+ICn2n0AKgqIyfmE
Static task
static1
Behavioral task
behavioral1
Sample
cd3f88a43b2764c4896ab8f879fb2c10.exe
Resource
win7-20240215-en
Malware Config
Extracted
redline
CRYPTO
212.86.102.139:32600
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of SetThreadContext
-